GitHub Gatelet introduces supports for the GitHub CLI
search cancel

GitHub Gatelet introduces supports for the GitHub CLI


Article ID: 256977


Updated On:


CASB Advanced Threat Protection CASB Audit CASB Gateway CASB Gateway Advanced CASB Security Advanced CASB Security Advanced IAAS CASB Security Premium CASB Security Premium IAAS CASB Security Standard CASB Securlet IAAS CASB Securlet SAAS CASB Securlet SAAS With DLP-CDS


CASB version 3.154 released limited support for the GitHub CLI.


CASB techdoc describes what GitHub activity is supported by GitHub CLI and what is only support via web.

The following are known limitations:

  • Github needs to be configured to use a Windows certificate store (git config --global http.sslbackend schannel)
  • Filenames are not available for upload/download events, repository names are available instead.
  • Access Enforcement policy doesn't work well for Session-Auth due to client caching tokens. But, would work for upload/download activities.
  • Cloud Service username is not available and falls back to CloudSOC user.
  • DLP scan doesn't work for most scenarios due to upload/download being encrypted

OA Pair Details

  • OA Pair – Session -Auth
    • Login:
      • Command : gh auth login --with-token < token.txt
        • User Name not available
      • Command: gh auth login
    • Logout:
      • Command: gh auth logout
        • Display Auth info
          Command: gh auth status 
          Since the traffic for this command matches with login/logout , performing this activity also generates Session-Auth OA


  • OA Pair – File/Folder Download
    • Gist Clone:
      • Command: gh gist clone  ################
        Commnad: gh gist clone Repo Clone:
        Command: gh repo clone Owner/repo
    • Git pull: file/folder download
      • Command: git pull 
    • git clone:
      • Command: git clone<repository>/<file name>
    • git fetch:
      • Command git fetch –-all
    • gh repo sync : Download
      • Command: gh repo sync keep new file in repo then do sync
    • OA Pair – File-Upload
      • Gist Create:
        Command: gh gist create --public
        Command: gh gist create -d "my Hello-World program in Python"
        Command: gh gist create cool.txt
    • OA Pair – File/Folder-Upload
      • Git Push: file/folder upload verify it must
        • Command: git push